[Dovecot] Heartbleed openssl vulnerability?
Reindl Harald
h.reindl at thelounge.net
Wed Apr 9 17:54:20 UTC 2014
Am 09.04.2014 19:31, schrieb Robert Schetterer:
> Am 09.04.2014 19:27, schrieb Reindl Harald:
>> the word "counterproductive" describes that policies perfectly
>
> this is simply nonsense, go have a beer
don't strip quotes
i have faced users in real life with where punsihed by
change their passwords each month and the result was
that not a single of them was secure or not stored
somewhere while the same person would have choosed
something like below otherwise
!mH*IM*c!
derived from "my home is my castle"
the first and last char lowercase, the others uppercase
! at the begin and end
* after each char between
easy to remember, not in rainbow tables
*that* is real security because you don't need to note it
while it is built with chars nobody else can guess and
the user easily rememeber
anything else is nonsense cooked only with a technical point of view
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 246 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20140409/d7c4d567/attachment.sig>
More information about the dovecot
mailing list